fix(sandbox): implement Windows Mandatory Integrity Control for GeminiSandbox (#24057)

This commit is contained in:
Gal Zahavi
2026-03-27 17:14:35 -07:00
committed by GitHub
parent c2705e8332
commit ae123c547c
8 changed files with 75 additions and 23 deletions
@@ -187,7 +187,7 @@ export class LinuxSandboxManager implements SandboxManager {
: false;
const workspaceWrite = !isReadonlyMode || isApproved;
const networkAccess =
this.options.modeConfig?.network ?? req.policy?.networkAccess ?? false;
this.options.modeConfig?.network || req.policy?.networkAccess || false;
const persistentPermissions = allowOverrides
? this.options.policyManager?.getCommandPermissions(commandName)